Ethereal-dev: [Ethereal-dev] Some COPS-captures causes Ethereal 0.9.8, 0.9.7 and 0.9.6 to cras

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Martin Regner" <martin.regner@xxxxxxxxx>
Date: Sun, 8 Dec 2002 12:47:11 +0100
Hi,
 
I noticed that I got crashes when loading a couple of COPS-captures on Ethereal 0.9.8 (Windows 98):
 
 
 
 
I then tried with Ethereal 0.9.7 and 0.9.6 (Windows 98) and then I also got crashes when loading these files.
 
With Ethereal 0.9.5 I don't get any crash but then these packets are shown as Malformed COPS packets.
 
On Ethereal 0.9.7 (Windows 2000) I also get crashes with those captures but not immediately when reading in the file
but only sometimes when selecting frame 12 in those captures.
 
Frame 12 looks quite OK as far as I can see, except that there are some blank lines and a corresponding Gdk-WARNING **: gdk_txt_size: gdk_nmbstowchar_ts failed.
 
I have not yet installed 0.9.8 on the WIN2000 PC but it seems that the COPS dissector has not been modified between 0.9.7 and 0.9.8,
so I guess I will have similar results with 0.9.8.
 
There are also some strange things when I test with the capture http://www.atm.tut.fi/~hessu/ethereal/cops-pr.cap.
Some IPADDR are blank on the screen (Gdk-WARNING **: gdk_txt_size: gdk_nmbstowchar_ts failed) and
these entries are shown as strange characters when printing to a file, see extract below.
 
I don't have so much time right now to dig into this issue, so if someone else has some spare time to look into the COPS
dissector and solve those problems it would be good.

Value: UNSIGNED32: 1 (0x1)

Value: IPADDR: ‚æ4*

Value: IPADDR: ÿÿÿ€              

Value: IPADDR: 130.230.024.010

Value: IPADDR: 255.255.255.000

Value: INTEGER: 43 (0x2b)

Value: INTEGER: 6 (0x6)

Value: INTEGER: 0 (0)

Value: INTEGER: 1023 (0x3ff)

Value: INTEGER: 1024 (0x400)

Value: INTEGER: 65535 (0xffff)

 

The results I got from the Visual Studio debugger were different from time to time. I guess that there is some memory overwriting
or similar that results in the stack traces seeming to be corrupt in at least some cases.

Bin00358.bin, frame 12:
============================
MSVCRT! 7802577f()
xtobstr(unsigned char * 0x027719f8, unsigned int 2) line 882 + 37 bytes
decode_cops_pr_asn1_data(tvbuff * 0x026ba688, unsigned int 342, _GNode * 0x02745418, unsigned int 4, int 1) line 1007 + 13 bytes
dissect_cops_pr_object_data(tvbuff * 0x026ba688, unsigned int 328, _GNode * 0x02750ce0, unsigned char 3, unsigned char 1, unsigned short 18) line 1156 + 29 bytes
dissect_cops_pr_objects(tvbuff * 0x026ba688, unsigned int 328, _GNode * 0x02750ce0, unsigned short 6688) line 654 + 30 bytes
dissect_cops_object_data(tvbuff * 0x026ba688, unsigned int 28, _GNode * 0x02750880, unsigned char 9, unsigned char 2, unsigned short 6988) line 782 + 22 bytes
dissect_cops_object(tvbuff * 0x026ba688, unsigned int 28, _GNode * 0x02746ff4) line 606 + 30 bytes
dissect_cops_pdu(tvbuff * 0x026ba688, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 504 + 17 bytes
tcp_dissect_pdus(tvbuff * 0x026ba654, _packet_info * 0x026b1440, _GNode * 0x026bc68c, int 1, unsigned int 8, unsigned int (tvbuff *, int)* 0x0043a88e get_cops_pdu_len(tvbuff *, int), void (tvbuff *, _packet_info *, _GNode *)* 0x0043a8a6 dissect_cops_pdu(tvbuff *, _packet_info *, _GNode *)) line 1339 + 15 bytes
dissect_cops(tvbuff * 0x026ba654, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 445 + 35 bytes
dissector_try_port(dissector_table * 0x0104e3f8, unsigned int 3288, tvbuff * 0x026ba654, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 574 + 18 bytes
decode_tcp_ports(tvbuff * 0x026ba620, int 0, _packet_info * 0x026b1440, _GNode * 0x026bc68c, int 1773, int 3288) line 1619 + 34 bytes
desegment_tcp(tvbuff * 0x026ba550, _packet_info * 0x026b1440, int 20, unsigned int 5861, unsigned int 7037, unsigned int 1773, unsigned int 3288, _GNode * 0x026bc68c, _GNode * 0x01139c70) line 980 + 27 bytes
dissect_tcp(tvbuff * 0x026ba550, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 1971 + 62 bytes
dissector_try_port(dissector_table * 0x00bce7c8, unsigned int 6, tvbuff * 0x026ba550, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 574 + 18 bytes
dissect_ip(tvbuff * 0x026ba51c, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 1055 + 34 bytes
dissector_try_port(dissector_table * 0x00bcfdc8, unsigned int 2048, tvbuff * 0x026ba51c, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 574 + 18 bytes
ethertype(unsigned short 2048, tvbuff * 0x026ba4e8, int 14, _packet_info * 0x026b1440, _GNode * 0x026bc68c, _GNode * 0x0274c324, int 2096, int 2098) line 156 + 33 bytes
dissect_eth(tvbuff * 0x026ba4e8, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 238 + 41 bytes
dissector_try_port(dissector_table * 0x00bcfeb8, unsigned int 1, tvbuff * 0x026ba4e8, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 574 + 18 bytes
dissect_frame(tvbuff * 0x026ba4e8, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 174 + 34 bytes
call_dissector(dissector_handle * 0x00bcff68, tvbuff * 0x026ba4e8, _packet_info * 0x026b1440, _GNode * 0x026bc68c) line 1094 + 18 bytes
dissect_packet(_epan_dissect_t * 0x026b1438, wtap_pseudo_header * 0x008f3834, const unsigned char * 0x008f38c4, _frame_data * 0x026f2ae4, _column_info * 0x00000000) line 299 + 32 bytes
epan_dissect_run(_epan_dissect_t * 0x026b1438, void * 0x008f3834, const unsigned char * 0x008f38c4, _frame_data * 0x026f2ae4, _column_info * 0x00000000) line 99 + 25 bytes
select_packet(_capture_file * 0x008f37c0, int 11) line 1625 + 44 bytes
packet_list_select_cb(_GtkWidget * 0x0111b508, int 11, int 9, void * 0x0271d890) line 724 + 14 bytes
GTK-1.3! 0098bea4()
GTK-1.3! 009c200b()
GTK-1.3! 009c1352()
GTK-1.3! 009beb6a()
GTK-1.3! 009336c0()
GTK-1.3! 0098bc4a()
GTK-1.3! 009c1388()
GTK-1.3! 009beb6a()
GTK-1.3! 00a02430()
GTK-1.3! 0098bbc5()
GTK-1.3! 0098ae67()
GDK-1.3! 00a73362()
GLIB-1.3! 0024005f()
GLIB-1.3! 0024075c()
GLIB-1.3! 00240902()
GLIB-1.3! 00240c4f()
GTK-1.3! 0098a869()
main(int 0, char * * 0x00bc3c34) line 2042
WinMain(HINSTANCE__ * 0x00400000, HINSTANCE__ * 0x00000000, char * 0x00133e29, int 1) line 2130 + 23 bytes
ETHEREAL! WinMainCRTStartup + 308 bytes
KERNEL32! 77e


NTDLL! 77fcb032()
MSVCRT! 780010a8()
MSVCRT! 78001045()
GDK-1.3! 00a78b1a()
GDK-1.3! 00a78bbe()
GDK-1.3! 00a53a81()
GTK-1.3! 0094a0bb()
GTK-1.3! 00949d92()
GTK-1.3! 0094a5fe()
GTK-1.3! 0094e258()
GTK-1.3! 0094a779()
GTK-1.3! 0094bb28()
proto_tree_draw_node(_GNode * 0x0273fda0, void * 0x0012ed08) line 1068 + 43 bytes
GLIB-1.3! 00249aea()
proto_tree_draw_node(_GNode * 0x02741e74, void * 0x0012ee60) line 1075 + 23 bytes
GLIB-1.3! 00249aea()
proto_tree_draw_node(_GNode * 0x01139fa4, void * 0x0012efb8) line 1075 + 23 bytes
GLIB-1.3! 00249aea()
proto_tree_draw_node(_GNode * 0x0273f904, void * 0x0012f110) line 1075 + 23 bytes
GLIB-1.3! 00249aea()
proto_tree_draw(_GNode * 0x026bc6bc, _GtkWidget * 0x0111f3d8) line 1005 + 20 bytes
main_proto_tree_draw(_GNode * 0x026bc6bc) line 984 + 15 bytes
select_packet(_capture_file * 0x008f37c0, int 11) line 1631 + 18 bytes
packet_list_select_cb(_GtkWidget * 0x0111b508, int 11, int 4, void * 0x0271d890) line 724 + 14 bytes
GTK-1.3! 0098bea4()
GTK-1.3! 009c200b()
GTK-1.3! 009c1352()
GTK-1.3! 009beb6a()
GTK-1.3! 009336c0()
GTK-1.3! 0098bc4a()
GTK-1.3! 009c1388()
GTK-1.3! 009beb6a()
GTK-1.3! 00a02430()
GTK-1.3! 0098bbc5()
GTK-1.3! 0098ae67()
GDK-1.3! 00a73362()
GLIB-1.3! 0024005f()
GLIB-1.3! 0024075c()
GLIB-1.3! 00240902()
GLIB-1.3! 00240c4f()
GTK-1.3! 0098a869()
main(int 0, char * * 0x00bc3c34) line 2042
WinMain(HINSTANCE__ * 0x00400000, HINSTANCE__ * 0x00000000, char * 0x00133e29, int 1) line 2130 + 23 bytes
ETHEREAL! WinMainCRTStartup + 308 bytes
KERNEL32! 7

 


Bin00391.bin, frame 12:
========================

Instruction at 0x77fcb9ae referenced memory at 0x00000004

NTDLL! 77fcb9ae()
NTDLL! 77fcb795()
MSVCRT! 7800115c()
GLIB-1.3! 002446be()
GTK-1.3! 0094a3bc()
GTK-1.3! 0094ab63()
GTK-1.3! 0094a7d3()
GTK-1.3! 0094c4ab()
GTK-1.3! 0094c490()
GTK-1.3! 0094c490()
GTK-1.3! 0094c490()
GTK-1.3! 0094c490()
GTK-1.3! 0094c37d()
GTK-1.3! 0092d904()
clear_tree_and_hex_views() line 1079 + 27 bytes
unselect_packet(_capture_file * 0x008f1be0) line 1651
packet_list_unselect_cb(_GtkWidget * 0x0111b540, int 11, int 9, void * 0x0112f340) line 731 + 10 bytes
GTK-1.3! 0098bea4()
GTK-1.3! 009c200b()
GTK-1.3! 009c1352()
GTK-1.3! 009beb6a()
GTK-1.3! 00930162()
GTK-1.3! 0098bea4()
GTK-1.3! 009c1228()
GTK-1.3! 009beb6a()
GTK-1.3! 009336c0()
GTK-1.3! 0098bc4a()
GTK-1.3! 009c1388()
GTK-1.3! 009beb6a()
GTK-1.3! 00a02430()
GTK-1.3! 0098bbc5()
GTK-1.3! 0098ae67()
GDK-1.3! 00a73362()
GLIB-1.3! 0024005f()
GLIB-1.3! 0024075c()
GLIB-1.3! 00240902()
GLIB-1.3! 00240c4f()
GTK-1.3! 0098a869()
main(int 0, char * * 0x00bc3cbc) line 2042
WinMain(HINSTANCE__ * 0x00400000, HINSTANCE__ * 0x00000000, char * 0x00134384, int 1) line 2130 + 23 bytes
ETHEREAL! WinMainCRTStartup + 308 bytes
KERNEL32! 77ea847c()

 


NTDLL! 77fcc55c()
NTDLL! 77f8955d()
NTDLL! 77fcbba8()
MSVCRT! 780010a8()
MSVCRT! 78001045()
GLIB-1.3! 00244afc()
GTK-1.3! 0094aa2c()
GTK-1.3! 0094ba78()
proto_tree_draw_node(_GNode * 0x02764540, void * 0x0012ed08) line 1068 + 43 bytes
GLIB-1.3! 00249aea()
proto_tree_draw_node(_GNode * 0x026de278, void * 0x0012ee60) line 1075 + 23 bytes
GLIB-1.3! 00249aea()
proto_tree_draw_node(_GNode * 0x02724074, void * 0x0012efb8) line 1075 + 23 bytes
GLIB-1.3! 00249aea()
proto_tree_draw_node(_GNode * 0x026ba514, void * 0x0012f110) line 1075 + 23 bytes
GLIB-1.3! 00249aea()
proto_tree_draw(_GNode * 0x026ba5b4, _GtkWidget * 0x0111f3d8) line 1005 + 20 bytes
main_proto_tree_draw(_GNode * 0x026ba5b4) line 984 + 15 bytes
select_packet(_capture_file * 0x008f37c0, int 11) line 1631 + 18 bytes
packet_list_select_cb(_GtkWidget * 0x0111b508, int 11, int 3, void * 0x0271d880) line 724 + 14 bytes
GTK-1.3! 0098bea4()
GTK-1.3! 009c200b()
GTK-1.3! 009c1352()
GTK-1.3! 009beb6a()
GTK-1.3! 009336c0()
GTK-1.3! 0098bc4a()
GTK-1.3! 009c1388()
GTK-1.3! 009beb6a()
GTK-1.3! 00a02430()
GTK-1.3! 0098bbc5()
GTK-1.3! 0098ae67()
GDK-1.3! 00a73362()
GLIB-1.3! 0024005f()
GLIB-1.3! 0024075c()
GLIB-1.3! 00240902()
GLIB-1.3! 00240c4f()
GTK-1.3! 0098a869()
main(int 0, char * * 0x00bc3c34) line 2042
WinMain(HINSTANCE__ * 0x00400000, HINSTANCE__ * 0x00000000, char * 0x00133e29, int 1) line 2130 + 23 bytes
ETHEREAL! WinMainCRTStartup + 308 bytes
KERNEL32! 77ea847c()
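The IPADDR values printed as stray characters above, together with the xtobstr() call in the first trace being handed a 2-byte value, suggest the class of defect a reviewer would look for in a dissector: a fixed-size value decoded without checking its actual length, and raw bytes passed to the display layer as if they were a string. The following is an added example, not code from this post or from Ethereal's COPS dissector, and the assumed root cause is a hypothesis. It shows a length-checked IPADDR formatter that reports a malformed value instead of rendering it, and a bounded printable-escape routine for anything that does have to be shown; the sample byte values are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stddef.h>

/* Constructed illustration, not Ethereal's dissector code.  A COPS-PR
 * IPADDR value is a 4-byte IPv4 address; any other length is malformed. */
#define IPADDR_LEN 4

typedef enum { FMT_OK = 0, FMT_BAD_LEN = 1 } fmt_status;

/* Render an IPADDR value into out[outsz].  A 4-byte value becomes a dotted
 * quad; any other length is reported as malformed and dumped as hex, so raw
 * bytes are never handed to the display layer as a "string". */
fmt_status format_ipaddr(const unsigned char *val, size_t len,
                         char *out, size_t outsz)
{
    if (len == IPADDR_LEN) {
        snprintf(out, outsz, "%u.%u.%u.%u", val[0], val[1], val[2], val[3]);
        return FMT_OK;
    }
    size_t pos = (size_t)snprintf(out, outsz, "[malformed IPADDR, %zu bytes:", len);
    /* pos may exceed outsz if truncated; every bound check below allows for that */
    for (size_t i = 0; i < len && pos + 4 < outsz; i++)
        pos += (size_t)snprintf(out + pos, outsz - pos, " %02x", val[i]);
    if (pos + 1 < outsz)
        snprintf(out + pos, outsz - pos, "]");
    return FMT_BAD_LEN;
}

/* Copy len bytes into out[outsz] for display, replacing every byte that is
 * not printable ASCII with a \xNN escape.  Bounded and always NUL-terminated. */
void escape_printable(const unsigned char *in, size_t len, char *out, size_t outsz)
{
    size_t pos = 0;
    if (outsz == 0)
        return;
    for (size_t i = 0; i < len; i++) {
        if (isprint(in[i])) {
            if (pos + 1 >= outsz)
                break;
            out[pos++] = (char)in[i];
        } else {
            if (pos + 4 >= outsz)   /* room for "\xNN" plus the NUL */
                break;
            pos += (size_t)snprintf(out + pos, outsz - pos, "\\x%02x", in[i]);
        }
    }
    out[pos] = '\0';
}

int main(void)
{
    char buf[64];
    /* constructed values: a well-formed address and a 2-byte value that
     * mimics the short length seen in the xtobstr() frame of the first trace */
    const unsigned char good[] = {130, 230, 24, 10};
    const unsigned char bad[]  = {0x82, 0xe6};

    format_ipaddr(good, sizeof good, buf, sizeof buf);
    printf("%s\n", buf);
    format_ipaddr(bad, sizeof bad, buf, sizeof buf);
    printf("%s\n", buf);
    escape_printable(bad, sizeof bad, buf, sizeof buf);
    printf("%s\n", buf);
    return 0;
}
```

The design point is that the check happens on the value length taken from the packet, before any conversion, and that the fallback path is itself bounded by the output buffer size rather than by the (attacker-controlled) input length; a capture that carries a 2-byte IPADDR is then flagged in the tree as malformed instead of driving garbage into the GTK text routines.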